Falhas do tipo CWE-22

4.841 resultados
CVE-2023-3330Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,EPSS 0.5%CVE-2024-38704MEDIUMWordPress Team Manager plugin <= 2.1.12 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-36726MEDIUMAn arbitrary file deletion vulnerability in the /api/delete-temp-license/{file} endpoint of bookcars v8.3 allows unauthenticated attackers tEPSS 0.5%CVE-2024-44018HIGHWordPress Instant Chat WP plugin <= 1.0.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44034HIGHWordPress WPSPX plugin <= 1.0.2 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-66905HIGHThe Takes web framework's TkFiles take thru 2.0-SNAPSHOT fails to canonicalize HTTP request paths before resolving them against the filesystEPSS 0.5%CVE-2026-42351HIGHpygeoapi: Path Traversal in STAC FileSystemProviderEPSS 0.5%CVE-2024-35634MEDIUMWoocommerce – Recent Purchases plugin <= 1.0.1 - File Inclusion vulnerabilityEPSS 0.5%CVE-2025-22663HIGHWordPress Paid Videochat Turnkey Site plugin <= 7.2.12 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2026-12243HIGHPath Traversal via Percent-Encoding in nltk.data.find() and nltk.data.load()EPSS 0.5%CVE-2024-52449HIGHWordPress WordPress Bootscraper plugin <= 2.1.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-49285HIGHWordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-65025HIGHesm.sh CDN service has arbitrary file write via tarslipEPSS 0.5%CVE-2026-30283CRITICALAn arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical inEPSS 0.5%CVE-2026-53872HIGHpicklescan - Arbitrary File Read via Unsafe Pickle DeserializationEPSS 0.5%CVE-2025-62254MEDIUMThe ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 202EPSS 0.5%CVE-2025-6265HIGHA path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allowEPSS 0.5%CVE-2024-11219MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 3.0.6 - Unauthetnicated Path Traversal to Arbitrary Image ViewEPSS 0.5%CVE-2025-10766MEDIUMSeriaWei ZKEACMS EventViewerController.cs Download path traversalEPSS 0.5%CVE-2023-46205HIGHWordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.19.14 - Local File Inclusion vulnerabilityEPSS 0.5%